Vulnerabilities / Threats
12/7/2010
04:52 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Google Launches Chrome OS Preview

The first Chrome OS netbooks will ship to a limited set of early adopters this week.

Google Chrome OS Promises Computing Without Pain
(click image for larger view)
Slideshow: Google Chrome OS Promises Computing Without Pain

In recent years, consumers have had three major desktop-oriented operating systems to choose from: Windows, Mac OS, and Linux. On Tuesday, Google introduced a fourth option, Chrome OS.

'With Chrome OS, we have the development of a viable third choice for the desktop," said CEO Eric Schmidt, evidently unconvinced that Linux counts where consumers are concerned.

At a media event in San Francisco, Google announced a pilot program for Chrome OS, its highly anticipated browser-based operating system, launched the Chrome Web Store, its effort to change the way Web apps are discovered and purchased, and provided an update on the global adoption of its Chrome browser.

Chrome OS won't be ready for a stable release until mid-2011. That's when Google's Chrome OS hardware partners Acer and Samsung are expected to ship their Chrome OS netbooks.

But Google this week plans to begin shipping specially commissioned hardware to select testers through its Chrome OS pilot program.

Program participants will receive a Google-commissioned netbook, designated Cr-48, with Chrome OS installed. The company extended invitations to event attendees, to a random group of users through an invitation placed on the Chrome new tab page, and to some Facebook users who participated in a recent quiz. Would-be Chrome OS users may also apply online and are encouraged to submit a YouTube video to convey why they should be invited into the pilot program.

"Chrome OS is nothing but the Web," said Sundar Pichai, VP of product management.

Google is throwing out the things people hate most about computers -- slow startup times, the need to update and install software, and security worries -- and offering an operating system that loads its Chrome browser instead of a desktop file system.

Those using Chrome OS will have to rely on Web applications in place of familiar favorites like Microsoft Office. To ensure an adequate supply of Web apps, Google launched its Chrome Web Store, an online app store that aims to do for Web apps what Apple's iTunes has done for music and iOS apps: build a viable market by providing a mechanism for discovery and monetization.

The Chrome Web Store has some 500 apps at launch but Google expects that developers will add many more in the months ahead. Several companies sent representatives to discuss the Web apps they've created for Chrome, including Amazon, Electronic Arts, and the New York Times.

Amazon showcased an e-commerce Web app called Amazon Windowshop and Kindle for the Web, which will be available early next year. Electronic Arts demonstrated a game called Popit that will ship with future versions of Chrome. And the New York Times showed off a newspaper reading Web app that allows the user to control how news gets presented.

Pichai acknowledged that offline functionality was necessary and demonstrated a version of Google Docs that works offline (coming early next year). But he said that the Web is better when a network connection is available. That's why Google has partnered with Verizon to offer on-demand cellular connectivity with every Chrome notebook.

The Verizon plan provides for 100 MB of free data every month for two years. It doesn't require a contract and additional data can be purchased as needed, starting at $9.99 for unlimited data for one day.

Pichai also provided an update on the adoption of its Google Chrome browser. Chrome had 70 million users in May. Now it has 120 million users worldwide.

"The single most common piece of feedback we get from our users is that Chrome is fast," he said. "Speed has been our biggest focus since day one."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2021
Published: 2014-10-24
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.4.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name.

CVE-2014-3604
Published: 2014-10-24
Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2014-6230
Published: 2014-10-24
WP-Ban plugin before 1.6.4 for WordPress, when running in certain configurations, allows remote attackers to bypass the IP blacklist via a crafted X-Forwarded-For header.

CVE-2014-6251
Published: 2014-10-24
Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request.

CVE-2014-7180
Published: 2014-10-24
Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for (1) eccert.pl and (2) ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.